Snapchat Loophole Can Be Exploited to Crash iPhones, Warn Experts

Users of Snapchat on the iPhone need beware about a possible glitch in the app which makes it vulnerable to hackers. The glitch has been uncovered by Jaime Sanchez and his team at Telefonica, a Spain based telecom company claiming the app can flood the device with huge number of messages that would lead to the device freeze or require a hard reset as a worst case scenario. The one major advantage of Snapchat is that the users of this app are able to exchange photos and video which are erased once they are viewed by the recipient. The app is compatible with both iOS and Android OS.

Sanchez explains that the token which Snapchat generates every time a new message is being generated is the weak link in the system as hackers can use the old tokens to send the new messages. Individuals would therefore be open to attacks from possible spammers who would use these old coupons and flood the person’s device with messages. Sanchez could demonstrate the process by sending 1000 messages to a user account in 5 just seconds. The flood of messages meant that user was thereafter denied usage of the services of Snapchat. The device goes slow also along with non-usage of the particular app.


There is a difference in opinion between the company who have developed Snapchat and the one where Sanchez is working. That be so, Sanchez is not approaching developers of Snapchat with his findings.

Further, developers of the Snapchat app have not been known to pay heed to security issues being raised on their products by other firms in the business. Gibson Security had mentioned about a loop hole that exposes the user data of the Snapchat app. They had also demonstrated the same though Snapchat did not pay heed to the same. Snapchat on their part have denied having any information of the security loop holes in their app as found out by Sanchez. They had also given notice about the email address that they could be reached at. Sanchez on his part has claimed the company had blocked access to their servers from his account.